Adversarial Data Modifications and their Effect on Automated Decision-Making: A Study on Demand Side Management
HDS-LEE alumnus Dr. Eike Cramer will present his research. The talk takes place as part of the SSD Seminar Series in seminar room 115 of the Rogowski Building, RWTH, and online.
Abstract
Chemical production requires safe operation due to potentially disastrous accidents. Demand side management (DSM) describes exploiting process flexibility to shift electricity consumption and production in time. Thus, DSM is a substantial component of the industry's transition to renewable electricity sources that fluctuate over short intervals. Critically, DSM planning must ensure feasible and safe operation, which is challenging with dynamic process operation and process inertia. Machine learning tools are promising options for optimal DSM with reasonable computation times for scheduling optimization. Furthermore, machine learning has proven to be a capable tool for electricity price forecasting (EPF), which is paramount to obtaining the necessary data to decide on DSM schedules in advance. However, increased usage of machine learning makes production processes susceptible to so-called adversarial attacks. This work highlights the threat of adversarial attacks on chemical production and supporting energy systems using examples of DSM and EPF based on residual load forecasts. The proposed attack intercepts and modifies the data flow of load forecasts and, thus, forces the DSM to result in financial losses for the production company. Notably, adversaries can compute the necessary sensitivities to design the data modifications without knowledge of the EPF model or the DSM optimization model. The quantitative analysis reveals how barely noticeable modifications of the residual load forecasts can lead to significant deterioration of the decisions by the optimizer. The results indicate a significant threat, as attackers can design and implement powerful attacks without infiltrating secure company networks.